<%@ page language="java" contentType="text/html; charset=UTF-8"
	pageEncoding="UTF-8"%>
<%@ page
	import="java.util.List,java.util.Map,java.util.HashMap,hyl.core.MyFun,com.servlet.*"%>
<%@ page import="hyl.ext.base.*,com.dao.SqlOfUser"%>
<%@ page import="hyl.ext.web.ms.*,com.alibaba.fastjson.JSON"%>
<%
//B通过A授权访问B资源 
// 访问B系统的资源S 需要 通过 [单点系统]A 的登录授权允许
String basePath = Response.getBasePath(request);

TMsA _ma = My.getMsA();
String stamp = request.getParameter("chk");
String appid = request.getParameter("app");
String 密文 = request.getParameter("mm");

BInfo bInfo = _ma.getBInfo(appid);
String mm = bInfo.aes解密64(密文);
MyFun.print("mm", mm);
String[] mms = mm.split(",");
String appid_b = mms[0];
String tokenB = mms[1];
String stampb = mms[2];
String burl = mms[3];
String burlret = mms[4];
// 如果令牌不对,说明密文不对 ,说明来自的b系统 不正确 阻止登录
if (MyFun.isBlank(stamp) || MyFun.isBlank(stampb) || !stampb.equals(stamp))
	return;

// 如果 appid 为空或者未在中心注册 ,阻止登录,必须先注册
if (MyFun.isBlank(appid_b) || !bInfo.eqAppid(appid_b))
	return;

SessionFactory.getInstance();
MySession ms = SessionFactory.getSession(null, null);
if (ms.getUserId() == null) {
	Response.direct(response, burlret + "?code=2&msg=未登录");
} else {
	Response.direct(response, burl + "?token=" + tokenB);
}

%>